{“lastseen”:”2025-11-13T05:10:47″,”description”:”\\n\\nCybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort.\\n\\n\\”The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two years,\\” Endor Labs researchers Cris Staicu and Kiran Raj said in a Tuesday report.\\n\\nThe coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul McCarty, who first flagged the activity. The end goal is quite unusual \u2013 It’s designed to inundate the npm registry with random packages rather than focusing on data theft or other malicious behaviors.\\n\\nThe worm-life propagation mechanism and the use of a distinctive naming scheme that relies on Indonesian names and food terms for the newly created packages have lent it the moniker IndonesianFoods. The bogus packages masquerade as Next.js projects.\\n\\n\\”What makes this threat particularly concerning is that the attackers took the time to craft an NPM worm, rather than a singular attack,\\” McCarty said. \\”Even worse, these threat actors have been staging this for over two years.\\”\\n\\nSome signs that point to a sustained, coordinated effort include the consistent naming patterns and the fact that the packages are published from a small network of over a dozen npm accounts.\\n\\nThe worm is located within a single JavaScript file (e.g., \\”auto.js\\” or \\”publishScript.js\\”) in each package, staying dormant until a user manually runs the script using a command like \\”node auto.js.\\” In other words, it does not execute automatically during installation or as part of a \\”postinstall\\” hook.\\n\\nIt’s not clear why someone would go to the extent of running JavaScript manually, but the existence of over 43,000 packages suggests either multiple victims executed the script \u2013 either by accident or out of curiosity \u2013 or the attackers ran it themselves to flood the registry, Henrik Plate, head of security research at Endor Labs, told The Hacker News.\\n\\n\\n\\n\\”We haven’t found evidence of a coordinated social engineering campaign, but the code was written with social engineering potential, possible victim scenarios include: fake blog posts, tutorials, or README entries instructing users to run ‘node auto.js’ to ‘complete setup’ or ‘fix a build issue,’ [and] CI\/CD pipeline build scripts with wildcards something like node *.js that execute all JavaScript files,\\” Raj added.\\n\\n\\”The payload’s dormant design is intended to evade automated detection, by requiring manual execution instead of ‘autorun,’ the attackers reduce the chance of being flagged by security scanners and sandboxing systems.\\”\\n\\nThe manual execution causes the script to initiate a series of actions in an infinite loop, including removing \\u003c\\”private\\”: true\\u003e from the \\”package.json\\” file. This setting is typically used to prevent accidental publication of private repositories. It then proceeds to create a random package name using the internal dictionary and assign it a random version number to bypass npm’s duplicate version detection.\\n\\nIn the final stage, the spam package is uploaded to npm using the \\”npm publish\\” command. This step is repeated in an infinite loop, causing a new package to be pushed out every 7 to 10 seconds. This translates to about 12 packages per minute, 720 per hour, or 17,000 per day.\\n\\n\\”This floods the NPM registry with junk packages, wastes infrastructure resources, pollutes search results, and creates supply chain risks if developers accidentally install these malicious packages,\\” McCarty said.\\n\\nAccording to Endor Labs, the campaign is part of an attack that was first flagged by Phylum (now part of Veracode) and Sonatype in April 2024 that involved the publication of thousands of spam packages to conduct a \\”massive automated crypto farming campaign\\” by abusing the Tea protocol.\\n\\n\\”What makes this campaign particularly insidious is its worm-like spreading mechanism,\\” the researchers said. \\”Analysis of the ‘package.json’ files reveals that these spam packages do not exist in isolation; they reference each other as dependencies, creating a self-replicating network.\\”\\n\\nThus, when a user installs one of the spam packages, it causes npm to fetch the entire dependency tree, straining registry bandwidth as more dependencies are fetched exponentially.\\n\\nEndor Labs said some of the attacker-controlled packages, such as arts-dao and gula-dao, include a tea.yaml file listing five different TEA accounts. The Tea protocol is a decentralized framework that allows open-source developers to be rewarded for their software contributions.\\n\\nThis likely indicates that the threat actors are using this campaign as a monetization vector by earning TEA tokens by artificially inflating their impact score. It’s not clear who is behind the activity, but source code and infrastructure clues suggest it could be someone operating out of Indonesia.\\n\\nThe application security company has also flagged a second variant that employs a different naming scheme comprising random English words (e.g., able_crocodile-notthedevs).\\n\\nThe findings also serve to highlight a security blind spot in security scanners, which are known to flag packages that execute malicious code during installation by monitoring lifecycle hooks or detecting suspicious system calls.\\n\\n\\”In this case, they found nothing because there was nothing to find at the time of installation,\\” Endor Labs said. \\”The sheer number of packages flagged in the current campaign shows that security scanners must analyze these signals in the future.\\”\\n\\n\\n\\nGarrett Calpouzos, principal security researcher at software supply chain security firm Sonatype, characterized IndonesianFoods as a self-publishing worm operating at a massive scale, overwhelming security data systems in the process.\\n\\n\\”The technical sophistication isn’t necessarily higher \u2014 interestingly, these packages do not appear to even try to infiltrate developer machines \u2014 it’s the automation and scale that are escalating at an alarming rate,\\” Calpouzos said.\\n\\n\\”Each wave of these attacks weaponizes npm’s open nature in slightly new ways. This one may not steal credentials or inject code, but it still strains the ecosystem and proves how trivial it is to disrupt the world’s largest software supply chain. While the motivation is unclear, the implications are striking.\\”\\n\\nWhen reached for comment, a GitHub spokesperson said it has removed the packages in question from npm, and that it’s committed to detecting, analyzing, and taking down packages and accounts that go against its policies.\\n\\n\\”We have disabled malicious npm packages in accordance with GitHub’s Acceptable Use Policies which prohibit posting content that directly supports unlawful active attack or malware campaigns that are causing technical harms,\\” the spokesperson added. \\n\\n\\”We employ manual reviews and at-scale detections that use machine learning and constantly evolve to mitigate malicious usage of the platform. We also encourage customers and community members to report abuse and spam.\\”\\n\\nFound this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.\\n”,”published”:”2025-11-13T04:58:00″,”modified”:”2025-11-13T04:58:06″,”type”:”thn”,”title”:”Over 46,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack”,”source”:””,”references”:””,”id”:”THN:469E85F4956D8554BD8D5BC2567864AC”,”bulletinFamily”:”info”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/thehackernews.com\/2025\/11\/over-46000-fake-npm-packages-flood.html”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-11-13T05:10:47″,”description”:”\\n\\nCybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,13,33,7,11,43,5],"class_list":["post-26078","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n